more help is available by typing NET HELPMSG 2182
net start tcpip says system error 2 has occurred the system cannot find the file specified
security 2012 virus
Started by
melint
, Dec 14 2011 04:12 PM
#31
Posted 29 December 2011 - 12:45 AM
melint
- Topic Starter
-
- Member
-
- 166 posts
Member
more help is available by typing NET HELPMSG 2182
net start tcpip says system error 2 has occurred the system cannot find the file specified
#32
Posted 29 December 2011 - 01:13 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
A little serendipity there. I should have asked you to run
But typed the wrong thing and found out something else we need to fix.
Wonder what happened to the file?
I suppose it is looking for tcpip.sys which should be in c:\windows\System32\drivers.
It's a hidden system file so you may need to:
Double-click on the My Computer icon.
Select the Tools menu and click Folder Options.
After the new window appears select the View tab.
Put a checkmark in the checkbox labeled Display the contents of system folders.
Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
Remove the checkmark from the checkbox labeled Hide protected operating system files.
Press the Apply button and then the OK button and exit My Computer.
Now your computer is configured to show all hidden files.
If it's not there then see if you can find a copy in c:\windows\system32\dllcache and copy it there. If it's not there then have it search the c:\windows and subdirectories for tcpip.sys and it should search system folders, search hidden files and folders, search subfolders (these are Search Options). Find the newest one you can and copy it to C:\Windows\system32\drivers
net start netbt
But typed the wrong thing and found out something else we need to fix.
Wonder what happened to the file?
I suppose it is looking for tcpip.sys which should be in c:\windows\System32\drivers.
It's a hidden system file so you may need to:
Double-click on the My Computer icon.
Select the Tools menu and click Folder Options.
After the new window appears select the View tab.
Put a checkmark in the checkbox labeled Display the contents of system folders.
Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
Remove the checkmark from the checkbox labeled Hide protected operating system files.
Press the Apply button and then the OK button and exit My Computer.
Now your computer is configured to show all hidden files.
If it's not there then see if you can find a copy in c:\windows\system32\dllcache and copy it there. If it's not there then have it search the c:\windows and subdirectories for tcpip.sys and it should search system folders, search hidden files and folders, search subfolders (these are Search Options). Find the newest one you can and copy it to C:\Windows\system32\drivers
#33
Posted 29 December 2011 - 07:47 AM
melint
- Topic Starter
-
- Member
-
- 166 posts
Member
after doing what you requested i found in system 32 drivers a file named tcpip.sys and one named tcpip6.sys so i was encouraged,
but when i ran it again i got system error 2 has occurred the system cannot find the file specified
but when i ran it again i got system error 2 has occurred the system cannot find the file specified
Edited by melint, 29 December 2011 - 09:33 AM.
#34
Posted 29 December 2011 - 10:47 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
Open regedit then navigate to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip
And click on Tcpip. Then look in the right pane for the ImagePath.
It should say:
System32\DRIVERS\tcpip.sys
Does it? DependonService should have: ipsec
Also I need for you to tell me what
says. Is it started?
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip
And click on Tcpip. Then look in the right pane for the ImagePath.
It should say:
System32\DRIVERS\tcpip.sys
Does it? DependonService should have: ipsec
Also I need for you to tell me what
net start netbt
says. Is it started?
#35
Posted 29 December 2011 - 10:58 AM
melint
- Topic Starter
-
- Member
-
- 166 posts
Member
yes under image path is says exactly
system32\DRIVERS\tcpip.sys
and under depend on service it says exactly
IPSec
net start netbt says the requested service has already been started
system32\DRIVERS\tcpip.sys
and under depend on service it says exactly
IPSec
net start netbt says the requested service has already been started
#36
Posted 29 December 2011 - 11:12 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
Is dhcp still complaining about a dependency not starting?
Let's try resetting tcpip:
reboot and see if the five are already started:
net start dhcp
Let's try resetting tcpip:
netsh int ip reset reset.log
reboot and see if the five are already started:
sc start tcpip sc start dhcp sc start afd sc start netbt sc start ipsec
#37
Posted 29 December 2011 - 01:05 PM
melint
- Topic Starter
-
- Member
-
- 166 posts
Member
yes net start dhcp still says system error the dependency service or group failed to start
k i did the reset.log and then rebooted and now i cannot even click on start to run cmd. it just flashes really quick when i click on start. it had done that the last few times i rebooted but after 15 or 20 minutes i could finally do it, but now i have waited 45 min and still no go. i also cannot empty the recycle bin or any of my desktop icons. should i try in safe mode??
k i did the reset.log and then rebooted and now i cannot even click on start to run cmd. it just flashes really quick when i click on start. it had done that the last few times i rebooted but after 15 or 20 minutes i could finally do it, but now i have waited 45 min and still no go. i also cannot empty the recycle bin or any of my desktop icons. should i try in safe mode??
#38
Posted 29 December 2011 - 01:05 PM
melint
- Topic Starter
-
- Member
-
- 166 posts
Member
yes net start dhcp still says system error the dependency service or group failed to start
k i did the reset.log and then rebooted and now i cannot even click on start to run cmd. it just flashes really quick when i click on start. it had done that the last few times i rebooted but after 15 or 20 minutes i could finally do it, but now i have waited 45 min and still no go. i also cannot empty the recycle bin or any of my desktop icons. should i try in safe mode??
k i did the reset.log and then rebooted and now i cannot even click on start to run cmd. it just flashes really quick when i click on start. it had done that the last few times i rebooted but after 15 or 20 minutes i could finally do it, but now i have waited 45 min and still no go. i also cannot empty the recycle bin or any of my desktop icons. should i try in safe mode??
#40
Posted 29 December 2011 - 01:45 PM
melint
- Topic Starter
-
- Member
-
- 166 posts
Member
they all say the same:
startservice failed 1084
this service cannot be started safe mode
startservice failed 1084
this service cannot be started safe mode
#41
Posted 29 December 2011 - 01:50 PM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
Doh! I knew that.
Use your laptop to transfer the downloads called for in the following. We need to get rid of the malware first.
ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:
:!: It must be saved to your desktop, do not run it :!:
:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html
Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe
Doubleclick on ComboFix to start the program.
* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.
A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.
A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.
Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.
Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.
Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply
Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwarebytes.org/mbam.php
SAVE Malwarebytes' Anti-Malware to your desktop.
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.
Run OTL, Quickscan and post the log.
Ron
Use your laptop to transfer the downloads called for in the following. We need to get rid of the malware first.
ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:
:!: It must be saved to your desktop, do not run it :!:
:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html
Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe
Doubleclick on ComboFix to start the program.
* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.
A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.
A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.
Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.
Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.
Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply
Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwarebytes.org/mbam.php
SAVE Malwarebytes' Anti-Malware to your desktop.
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.
Run OTL, Quickscan and post the log.
Ron
#42
Posted 29 December 2011 - 02:46 PM
melint
- Topic Starter
-
- Member
-
- 166 posts
Member
tried combofix and was able to open it and agree to the disclaimer but nothing else happened. have been waiting about 20 min but nothing. should i try the killer one?
#43
Posted 29 December 2011 - 03:32 PM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
We might be able to get it to work with
combofix /killall
If it is on the desktop then Start, Run,cmd, OK and type:
If that doesn't make it work then go on to the others.
combofix /killall
If it is on the desktop then Start, Run,cmd, OK and type:
cd "\Documents and Settings\HP_Administrator\desktop" combofix /killall
If that doesn't make it work then go on to the others.
#44
Posted 29 December 2011 - 04:54 PM
melint
- Topic Starter
-
- Member
-
- 166 posts
Member
wow finally got combofix done and the log is attached working on the others now
Attached Files
-
ComboFix.txt 31.9KB
121 downloads
#45
Posted 29 December 2011 - 05:00 PM
melint
- Topic Starter
-
- Member
-
- 166 posts
Member
first tdsskiller report
Attached Files
-
TDSSKiller.2.6.25.0_29.12.2011_16.56.45_log.txt 59.89KB
153 downloads
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
